CVS commit: src/sys/netipsec

[Ryota Ozaki]

Module Name:    src
Committed By:   ozaki-r
Date:           Wed Feb 14 08:59:23 UTC 2018

Modified Files:
        src/sys/netipsec: xform_esp.c xform_ipcomp.c

Log Message:
Fix mbuf leaks on error paths

Pointed out by maxv@


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 src/sys/netipsec/xform_esp.c
cvs rdiff -u -r1.53 -r1.54 src/sys/netipsec/xform_ipcomp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/netipsec/xform_esp.c
diff -u src/sys/netipsec/xform_esp.c:1.73 src/sys/netipsec/xform_esp.c:1.74
--- src/sys/netipsec/xform_esp.c:1.73	Wed Jan 24 13:54:16 2018
+++ src/sys/netipsec/xform_esp.c	Wed Feb 14 08:59:23 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_esp.c,v 1.73 2018/01/24 13:54:16 maxv Exp $	*/
+/*	$NetBSD: xform_esp.c,v 1.74 2018/02/14 08:59:23 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.73 2018/01/24 13:54:16 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.74 2018/02/14 08:59:23 ozaki-r Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -444,6 +444,7 @@ esp_input(struct mbuf *m, struct secasva
 		pool_cache_put(esp_tdb_crypto_pool_cache, tc);
 		crypto_freereq(crp);
 		ESP_STATINC(ESP_STAT_NOTDB);
+		m_freem(m);
 		return ENOENT;
 	}
 	KEY_SA_REF(sav);

Index: src/sys/netipsec/xform_ipcomp.c
diff -u src/sys/netipsec/xform_ipcomp.c:1.53 src/sys/netipsec/xform_ipcomp.c:1.54
--- src/sys/netipsec/xform_ipcomp.c:1.53	Tue Oct  3 08:56:52 2017
+++ src/sys/netipsec/xform_ipcomp.c	Wed Feb 14 08:59:23 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ipcomp.c,v 1.53 2017/10/03 08:56:52 ozaki-r Exp $	*/
+/*	$NetBSD: xform_ipcomp.c,v 1.54 2018/02/14 08:59:23 ozaki-r Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */
 
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.53 2017/10/03 08:56:52 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.54 2018/02/14 08:59:23 ozaki-r Exp $");
 
 /* IP payload compression protocol (IPComp), see RFC 2393 */
 #if defined(_KERNEL_OPT)
@@ -192,6 +192,7 @@ ipcomp_input(struct mbuf *m, struct seca
 	 */
 	if (__predict_false(sav->state == SADB_SASTATE_DEAD)) {
 		pserialize_read_exit(s);
+		m_freem(m);
 		pool_cache_put(ipcomp_tdb_crypto_pool_cache, tc);
 		crypto_freereq(crp);
 		IPCOMP_STATINC(IPCOMP_STAT_NOTDB);